Configuring a Load Balancer for SSL Termination or SSL Passthrough

You can create a listener to secure the flows passing through the load balancer.

The SSL termination approach consists in enabling HTTPS or SSL flows between the Internet and your load balancer. In this case, the SSL certificate is located in the load balancer.

The SSL passthrough approach consists in forwarding the HTTPS flows to the backend virtual machines (VMs) using the TCP protocol. In this case, SSL certificates are located in each of the backend VMs.

Configuring a Load Balancer with SSL Termination

Upload an SSL server certificate to your account.
For more information, see Uploading a Server Certificate.
Add a listener to your load balancer with either of the following configurations:
- For HTTPS:
  - Protocol: HTTPS
  - Load balancer port: 443
  - Instance protocol: HTTP
  - Instance port: 80
  - SSL certificate: The previously uploaded SSL certificate
- For SSL:
  - Protocol: SSL
  - Load balancer port: Any value between 1 and 65535, both included
  - Instance protocol: TCP
  - Instance port: Any value between 1 and 65535, both included
  - SSL certificate: The previously uploaded SSL certificate
For more information, see Adding or Deleting Listeners.

Configuring a Load Balancer with SSL Passthrough

Add a listener to your load balancer with the following configuration:
- Protocol: TCP
- Load balancer port: 443
- Instance protocol: TCP
- Instance port: 443
For more information, see Adding or Deleting Listeners.
Install an SSL certificate on each of the backend VMs of the load balancer.

To do so, you can connect to your backend VMs. For more information, see Accessing Your VMs.

Related Pages

Corresponding API Methods